It’s not easy to know exactly where to begin to deal with all of them. It’s just as hard to know when to halt. Menace modeling may also help. Software danger models use process-stream diagrams, representing the architectural perspective. Operational threat models are produced from an attacker perspective according to https://ieeexplore.ieee.org/document/9941250